This is a simple bash script I made that will prevent iTunes from updating any device. To update after you use this script you just manually download the firmware and do option restore. I made it because I was hearing about a lot of people who 'accidentally' upgraded to a non-jailbreakable firmware.

All this script will do is chmod the download directorys of the iTunes software updates. When it tries to download it will be denied permission. Quite simple.

[crarko adds: I haven't tested this one. As I've mentioned before, I don't jailbreak. If you download the script it has a ruby (.rb) extension. It's not ruby so change it to .sh. Note that you could also just go chmod 444 the relevant directories by hand in Terminal. The original permissions on the directories is 755 if you wanted to change them back.]

There is no need for using 'sudo' in any of these commands, since the user is only changing their own user folder. It's safer to leave it out.
I think that Disk Utility repair permissions only looks at system files and not user files so this should not be affected by that.

Just as sudo is unnecessary to kill iTunes and change directory permissions, the "-9" argument to killall is really unnecessary. It doesn't give iTunes a chance to exit gracefully and do the normal cleanup that it does when it exits. Either a regular killall without "-9" would be better, or just tell the user to quit. Heck, you could even do it via AppleScript:

osascript -e 'tell application "iTunes" to quit'

The current method is kind of like using a sledgehammer to ring a doorbell - it'll get the job done, but it's overkill and may cause unintended damage.

The one way in which sudo would be useful here is if the script changed ownership of the directories to root. Then a future version of iTunes wouldn't be able to change permissions back. As it is now, if the directories don't exist, they will be owned by root (because they are created using sudo), but if they do already exist, ownership won't change. I'd just create directories as the user and then only use sudo to chown them to root.

Finally, I'd prefer to move any existing updates out of the way rather than deleting them.